Common Denial of Service Attacks – DoS

Denial of service attacks are probably the most common attack on the internet. There are actually several different types but all can be basically split into two categories based on volume. The vast majority of attacks tend to try and overload networks and systems particularly using the distributed versions. They used to be very effective but now are easier to detect and prevent, the more subtle attacks can actually involve only a single packet which can trash a server, router or network card.

One of the more common brute force attacks is called a Smurf attack. This attack has one single goal and that is to consume bandwidth, it is perhaps one of the oldest attacks but unfortunately milllions of systems are still vulnerable to it. It also has variations but a common example involves a spoofed attack address (so don’t go complaining there!) and sending lots and lots of ICMP echo requests to a system. If you’ve ever been affected by this attack then I urge you to find and read – “Minimizing the Effects of Smurfing Denial of Service Attacks’. It’s a field notice issued by Cisco and also has some great illustrative scenarios in so administrators can understand the attacks.

One of the main reasons why these simple Denial of Service attacks still work is often due to network administrators not taking the time to secure their network. If you are vulnerable to these attacks you will usually end up becoming part of the problem. Hackers will utlise these networks to perform DoS attacks on others. Or you may find your servers used to perform criminal activities and being used in secure proxy avoidance scenarios.

The majority of brute force attacks like this and the Echo-Chargen attacks are easily mitigated in most circumstances and there’s plenty of literature online to explain how.